[Buildroot] [PATCH v4,2/2] package/snort3: new package

Arnout Vandecappelle arnout at mind.be
Mon Jun 14 20:39:04 UTC 2021 


On 25/04/2021 19:22, Fabrice Fontaine wrote:
> Snort 3 is the next generation Snort IPS (Intrusion
> Prevention System).
> 
>  - Support multiple packet processing threads
>  - Shared configuration and attribute table
>  - Use a simple, scriptable configuration
>  - Make key components pluggable
>  - Autodetect services for portless configuration
>  - Support sticky buffers in rules
>  - Autogenerate reference documentation
>  - Provide better cross platform support
> 
> https://www.snort.org/snort3
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

 Applied both to master, thanks.

 Was there a reason you didn't carry Heiko's Reviewed-by? I don't think you
changed that much, did you?

 Regards,
 Arnout

> ---
> Changes v3 -> v4:
>  - Bump to latest upstream version
>  - Add new flex dependency
> 
> Changes v2 -> v3 (after review of Heiko Thiery):
>  - Bump to latest upstream version (and so drop patches)
>  - Update indentation of hash file to two spaces)
> 
> Changes v1 -> v2:
>  - Fix duplicate "depends on" error in Config.in
> 
>  DEVELOPERS                 |  1 +
>  package/Config.in          |  1 +
>  package/snort3/Config.in   | 42 ++++++++++++++++++++++++++++
>  package/snort3/snort3.hash |  6 ++++
>  package/snort3/snort3.mk   | 57 ++++++++++++++++++++++++++++++++++++++
>  5 files changed, 107 insertions(+)
>  create mode 100644 package/snort3/Config.in
>  create mode 100644 package/snort3/snort3.hash
>  create mode 100644 package/snort3/snort3.mk
> 
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 664337561f..a72ddc9740 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -905,6 +905,7 @@ F:	package/python-yatl/
>  F:	package/rocksdb/
>  F:	package/rygel/
>  F:	package/safeclib/
> +F:	package/snort3/
>  F:	package/suricata/
>  F:	package/tinycbor/
>  F:	package/tinydtls/
> diff --git a/package/Config.in b/package/Config.in
> index c30a1603e3..c3379b2376 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2279,6 +2279,7 @@ endif
>  	source "package/sngrep/Config.in"
>  	source "package/snmpclitools/Config.in"
>  	source "package/snort/Config.in"
> +	source "package/snort3/Config.in"
>  	source "package/socat/Config.in"
>  	source "package/socketcand/Config.in"
>  	source "package/softether/Config.in"
> diff --git a/package/snort3/Config.in b/package/snort3/Config.in
> new file mode 100644
> index 0000000000..75923c3c20
> --- /dev/null
> +++ b/package/snort3/Config.in
> @@ -0,0 +1,42 @@
> +config BR2_PACKAGE_SNORT3
> +	bool "snort3"
> +	depends on BR2_PACKAGE_LUAJIT_ARCH_SUPPORTS # luajit
> +	depends on !(BR2_PACKAGE_DAQ || BR2_PACKAGE_SNORT)
> +	depends on BR2_USE_MMU # fork()
> +	depends on BR2_INSTALL_LIBSTDCPP
> +	depends on !BR2_STATIC_LIBS # daq3
> +	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # C++11
> +	depends on BR2_TOOLCHAIN_HAS_THREADS # hwloc
> +	depends on BR2_USE_WCHAR
> +	select BR2_PACKAGE_DAQ3
> +	select BR2_PACKAGE_FLEX
> +	select BR2_PACKAGE_HWLOC
> +	select BR2_PACKAGE_LIBDNET
> +	select BR2_PACKAGE_LIBPCAP
> +	select BR2_PACKAGE_LUAJIT
> +	select BR2_PACKAGE_PCRE
> +	select BR2_PACKAGE_LIBTIRPC if !BR2_TOOLCHAIN_HAS_NATIVE_RPC
> +	select BR2_PACKAGE_OPENSSL
> +	select BR2_PACKAGE_ZLIB
> +	help
> +	  Snort 3 is the next generation Snort IPS (Intrusion
> +	  Prevention System).
> +
> +	  - Support multiple packet processing threads
> +	  - Shared configuration and attribute table
> +	  - Use a simple, scriptable configuration
> +	  - Make key components pluggable
> +	  - Autodetect services for portless configuration
> +	  - Support sticky buffers in rules
> +	  - Autogenerate reference documentation
> +	  - Provide better cross platform support
> +
> +	  https://www.snort.org/snort3
> +
> +comment "snort3 needs a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 4.9"
> +	depends on BR2_PACKAGE_LUAJIT_ARCH_SUPPORTS
> +	depends on !(BR2_PACKAGE_DAQ || BR2_PACKAGE_SNORT)
> +	depends on BR2_USE_MMU
> +	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_USE_WCHAR || \
> +		BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS || \
> +		!BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
> diff --git a/package/snort3/snort3.hash b/package/snort3/snort3.hash
> new file mode 100644
> index 0000000000..48eddd74c9
> --- /dev/null
> +++ b/package/snort3/snort3.hash
> @@ -0,0 +1,6 @@
> +# Locally computed:
> +sha256  a68af8ea46a038dfb0ad489e8d11dee62a3e63cb4a639f6bb4fac4ded955fe11  snort3-3.1.4.0.tar.gz
> +
> +# Hash for license files:
> +sha256  3f1cbfb20bb2c608e1a474421880d08b8cba6abb00ab7736d22c481d71656a6d  COPYING
> +sha256  f98260a6d3e5ef4ede8a2a6b698e5ac91d64c09243f7171e1c5b17b920a835c7  LICENSE
> diff --git a/package/snort3/snort3.mk b/package/snort3/snort3.mk
> new file mode 100644
> index 0000000000..1c49da8ec0
> --- /dev/null
> +++ b/package/snort3/snort3.mk
> @@ -0,0 +1,57 @@
> +################################################################################
> +#
> +# snort3
> +#
> +################################################################################
> +
> +SNORT3_VERSION = 3.1.4.0
> +SNORT3_SITE = $(call github,snort3,snort3,$(SNORT3_VERSION))
> +SNORT3_LICENSE = GPL-2.0
> +SNORT3_LICENSE_FILES = COPYING LICENSE
> +
> +SNORT3_DEPENDENCIES = \
> +	host-pkgconf daq3 flex hwloc libdnet libpcap luajit openssl pcre zlib
> +
> +SNORT3_CONF_OPTS = \
> +	-DENABLE_GDB=OFF \
> +	-DENABLE_STATIC_DAQ=OFF \
> +	-DMAKE_DOC=OFF
> +
> +ifeq ($(BR2_PACKAGE_FLATBUFFERS),y)
> +SNORT3_DEPENDENCIES += flatbuffers
> +SNORT3_CONF_OPTS += -DHAVE_FLATBUFFERS=ON
> +else
> +SNORT3_CONF_OPTS += -DHAVE_FLATBUFFERS=OFF
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBICONV),y)
> +SNORT3_DEPENDENCIES += libiconv
> +SNORT3_CONF_OPTS += -DHAVE_ICONV=ON
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBTIRPC),y)
> +SNORT3_DEPENDENCIES += libtirpc
> +endif
> +
> +ifeq ($(BR2_PACKAGE_SAFECLIB),y)
> +SNORT3_DEPENDENCIES += safeclib
> +SNORT3_CONF_OPTS += -DENABLE_SAFEC=ON
> +else
> +SNORT3_CONF_OPTS += -DENABLE_SAFEC=OFF
> +endif
> +
> +ifeq ($(BR2_PACKAGE_UTIL_LINUX_LIBUUID),y)
> +SNORT3_DEPENDENCIES += util-linux
> +SNORT3_CONF_OPTS += -DHAVE_UUID=ON
> +else
> +SNORT3_CONF_OPTS += -DHAVE_UUID=OFF
> +endif
> +
> +ifeq ($(BR2_PACKAGE_XZ),y)
> +SNORT3_DEPENDENCIES += xz
> +SNORT3_CONF_OPTS += -DHAVE_LZMA=ON
> +else
> +SNORT3_CONF_OPTS += -DHAVE_LZMA=OFF
> +endif
> +
> +$(eval $(cmake-package))
>

More information about the buildroot mailing list